SUSE Package Hub - SUSE-SLE-Module-Packagehub-Subpackages-15-2019-3318

Update Info

SUSE-SLE-Module-Packagehub-Subpackages-15-2019-3318

Security update for samba

Type: security

Severity: important

Issued: 2019-12-17

Description:

This update for samba fixes the following issues:

-  CVE-2019-14861: Fixed a DNSServer RPC server crash, that allowed an authenticated user to crash the DCE/RPC DNS management server by creating records with matching the zone name (bsc#1158108).
-  CVE-2019-14870: Fixed a DelegationNotAllowed not being enforced (bsc#1158109).

References

CVE: CVE-2019-14870
CVE: CVE-2019-14861
Bugzilla: 1158109 VUL-0: EMBARGOED: CVE-2019-14870: samba: DelegationNotAllowed not being enforced
Bugzilla: 1158108 VUL-0: EMBARGOED: CVE-2019-14861: samba: DNSServer RPC server crash

Packages

samba-4.7.11+git.202.6edee83fb34-4.34.1